Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/961a72-70fd-450f-9fe9-3bba3628324b/1/xsZlPoe7LvmtuwYZYOIFAKVU8DU.mft
File: xsZlPoe7LvmtuwYZYOIFAKVU8DU.mft (raw, json)
Hash identifier: Z0hciizl5fNpeV1Z5nilTGRzrHDwsqAv8heyqPAGV2U=
Subject key identifier: BB:0F:6D:D9:43:8E:79:7F:E7:0A:09:4A:A5:19:BB:13:CE:35:E7:EB
Authority key identifier: C6:C6:65:3E:87:BB:2E:F9:AD:BB:06:19:60:E2:05:00:A5:54:F0:35
Certificate issuer: /CN=c6c6653e87bb2ef9adbb061960e20500a554f035
Certificate serial: 019511A2C9CEAE5EAA5E80BC488537EC248A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xsZlPoe7LvmtuwYZYOIFAKVU8DU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/961a72-70fd-450f-9fe9-3bba3628324b/1/xsZlPoe7LvmtuwYZYOIFAKVU8DU.mft
Manifest number: 0421
Signing time: Mon 17 Feb 2025 02:00:35 +0000
Manifest this update: Mon 17 Feb 2025 02:00:35 +0000
Manifest next update: Tue 18 Feb 2025 02:00:35 +0000
Files and hashes: 1: CL-hnZLAW32dB0McMUvKXumHbjc.roa (hash: /6abOSVtqiSm907QP0eqatEoUJFnqFDpeoJMvvSk4WA=)
2: xsZlPoe7LvmtuwYZYOIFAKVU8DU.crl (hash: u1LU1gYCd2l2jGp2hriwvdny0ywP0MP9aThOh21hAZY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/961a72-70fd-450f-9fe9-3bba3628324b/1/xsZlPoe7LvmtuwYZYOIFAKVU8DU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/961a72-70fd-450f-9fe9-3bba3628324b/1/xsZlPoe7LvmtuwYZYOIFAKVU8DU.mft
rsync://rpki.ripe.net/repository/DEFAULT/xsZlPoe7LvmtuwYZYOIFAKVU8DU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:11:a2:c9:ce:ae:5e:aa:5e:80:bc:48:85:37:ec:24:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6c6653e87bb2ef9adbb061960e20500a554f035
Validity
Not Before: Feb 17 02:00:35 2025 GMT
Not After : Feb 18 02:00:35 2025 GMT
Subject: CN=bb0f6dd9438e797fe70a094aa519bb13ce35e7eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:11:fd:db:e7:d5:ba:36:61:c5:c9:40:0a:2c:
80:af:df:2f:e9:a6:10:5e:45:a1:fb:e9:f8:37:b6:
7b:1c:e8:67:d7:dd:cb:90:82:09:40:27:86:80:e0:
4e:04:a1:fe:6d:15:6a:7d:55:ed:e0:dc:0e:d5:8b:
56:fc:9c:16:db:b1:3b:fb:97:cc:40:77:d5:78:07:
d6:a6:01:f0:ad:47:c4:43:4f:5d:2e:61:d9:d4:a8:
00:bf:97:9c:21:0e:bb:c2:e0:29:97:df:49:43:b9:
38:86:1d:91:20:cc:91:02:f3:c3:2e:00:4f:60:31:
be:f3:00:61:9c:2f:54:2f:a4:6e:7b:4d:b4:b3:4a:
1a:fb:f5:fd:7d:a9:f3:85:46:60:3b:9e:ab:57:32:
0a:e4:a8:58:18:cc:a1:47:91:79:ad:4e:65:92:88:
ca:03:a8:c3:94:cf:13:e1:b6:24:5a:b7:ae:59:af:
20:e1:71:53:16:92:cb:39:79:fd:f7:37:ce:f5:77:
d2:7b:99:7c:7e:6a:d2:2c:2c:ee:18:6a:36:a8:4e:
c5:8c:f6:3e:ed:eb:53:38:9a:05:1b:34:50:39:f0:
dc:84:69:03:e0:8f:41:fe:37:eb:72:da:84:4a:e5:
83:35:42:f4:ee:d0:9a:e5:9c:bb:5d:d5:77:16:c9:
84:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:0F:6D:D9:43:8E:79:7F:E7:0A:09:4A:A5:19:BB:13:CE:35:E7:EB
X509v3 Authority Key Identifier:
keyid:C6:C6:65:3E:87:BB:2E:F9:AD:BB:06:19:60:E2:05:00:A5:54:F0:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xsZlPoe7LvmtuwYZYOIFAKVU8DU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/961a72-70fd-450f-9fe9-3bba3628324b/1/xsZlPoe7LvmtuwYZYOIFAKVU8DU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/961a72-70fd-450f-9fe9-3bba3628324b/1/xsZlPoe7LvmtuwYZYOIFAKVU8DU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9f:21:7c:d3:b6:9a:97:6d:1f:c8:bd:f6:cf:64:9b:d2:3b:b7:
f8:f6:48:26:c2:b3:9a:36:6f:80:50:5a:1f:17:b4:4a:86:b0:
74:d7:d2:03:47:c9:22:7e:09:e6:2b:5d:46:25:b5:60:b2:1f:
a8:74:66:de:74:da:0e:9b:0c:12:32:d3:4a:27:2a:fb:4a:dd:
63:47:18:e8:5c:a7:56:b7:f3:35:bd:67:1b:f0:ca:73:a6:f8:
99:26:50:05:48:7f:0f:8c:9b:ea:ae:c1:05:c1:77:3b:50:c0:
4c:e7:82:bd:2c:02:7c:95:e6:f9:06:8d:d8:3e:5c:aa:25:39:
53:d9:ce:5e:f0:4b:d9:b4:40:c1:c1:c2:2b:61:69:03:2c:af:
ea:d4:2e:29:63:f7:fc:4c:70:18:f8:0b:98:56:63:7e:0a:dc:
10:30:73:b8:f5:01:2d:da:22:e2:db:95:be:a9:bb:59:47:e5:
4a:bd:87:79:57:16:06:f7:f3:f7:09:86:57:23:d1:ec:2d:a9:
23:48:38:84:a1:4a:ab:1f:98:53:4b:f2:b9:6f:a4:e1:7a:a9:
2d:95:80:e4:b1:05:8a:09:08:71:e0:79:d1:2e:fb:83:4b:83:
3f:99:c9:11:ae:6f:fb:94:aa:05:5f:07:90:5c:25:9e:cf:f7:
65:ee:f0:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURosnOrl6qXoC8SIU37CSKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YzY2NTNlODdiYjJlZjlhZGJiMDYxOTYwZTIwNTAwYTU1
NGYwMzUwHhcNMjUwMjE3MDIwMDM1WhcNMjUwMjE4MDIwMDM1WjAzMTEwLwYDVQQD
EyhiYjBmNmRkOTQzOGU3OTdmZTcwYTA5NGFhNTE5YmIxM2NlMzVlN2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBH92+fVujZhxclACiyAr98v6aYQ
XkWh++n4N7Z7HOhn193LkIIJQCeGgOBOBKH+bRVqfVXt4NwO1YtW/JwW27E7+5fM
QHfVeAfWpgHwrUfEQ09dLmHZ1KgAv5ecIQ67wuApl99JQ7k4hh2RIMyRAvPDLgBP
YDG+8wBhnC9UL6Rue020s0oa+/X9fanzhUZgO56rVzIK5KhYGMyhR5F5rU5lkojK
A6jDlM8T4bYkWreuWa8g4XFTFpLLOXn99zfO9XfSe5l8fmrSLCzuGGo2qE7FjPY+
7etTOJoFGzRQOfDchGkD4I9B/jfrctqESuWDNUL07tCa5Zy7XdV3FsmEoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLsPbdlDjnl/5woJSqUZuxPONefrMB8GA1UdIwQY
MBaAFMbGZT6Huy75rbsGGWDiBQClVPA1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHNabFBvZTdMdm10dXdZWllPSUZBS1ZVOERVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi85NjFhNzItNzBmZC00NTBmLTlmZTkt
M2JiYTM2MjgzMjRiLzEveHNabFBvZTdMdm10dXdZWllPSUZBS1ZVOERVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi85NjFhNzItNzBmZC00NTBmLTlmZTktM2JiYTM2MjgzMjRi
LzEveHNabFBvZTdMdm10dXdZWllPSUZBS1ZVOERVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnyF807aa
l20fyL32z2Sb0ju3+PZIJsKzmjZvgFBaHxe0SoawdNfSA0fJIn4J5itdRiW1YLIf
qHRm3nTaDpsMEjLTSicq+0rdY0cY6FynVrfzNb1nG/DKc6b4mSZQBUh/D4yb6q7B
BcF3O1DATOeCvSwCfJXm+QaN2D5cqiU5U9nOXvBL2bRAwcHCK2FpAyyv6tQuKWP3
/ExwGPgLmFZjfgrcEDBzuPUBLdoi4tuVvqm7WUflSr2HeVcWBvfz9wmGVyPR7C2p
I0g4hKFKqx+YU0vyuW+k4XqpLZWA5LEFigkIceB50S77g0uDP5nJEa5v+5SqBV8H
kFwlns/3Ze7woQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:37 2025 by rpki-client